incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benson Margulies <>
Subject Re: KEYS and releases
Date Mon, 27 Jun 2011 20:37:47 GMT

If my goal was to hoodwink you, I'd create a bogus key that claimed to
be owned by an Apache person, put it in a KEYS file, and include in
the release, and sign the release with it. If I was lucky, you'd just
verify the release with the embedded key, and I'd have succeeded. We
want people to use keys from some source OTHER than the mirrors to
verify. There is a non-zero risk of compromise of the many mirrors.

On Mon, Jun 27, 2011 at 4:15 PM, Mattmann, Chris A (388J)
<> wrote:
> On Jun 27, 2011, at 12:58 PM, Noel J. Bergman wrote:
>>> we copy a KEYS file into that directory upon succesful VOTE of the release
>>> artifacts (which also include the KEYS file).
>> Perhaps, but the point we're getting at was explicitly stated by Benson,
>> "The goal here is to allow and encourage consumers to independently verify
>> signatures.  That calls for KEYS somewhere else than inside the package."
> Right, and the point I was getting at was that in Gora, we encourage both.
> As a consumer of software, it's nice to have the keys right there with the release package
too, so
> I don't have to go anywhere else rather than where I'm at (my machine) to verify the
KEYS file
> that came along with the release tarball.
> Cheers,
> Chris
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> Chris Mattmann, Ph.D.
> Senior Computer Scientist
> NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA
> Office: 171-266B, Mailstop: 171-246
> Email:
> WWW:
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> Adjunct Assistant Professor, Computer Science Department
> University of Southern California, Los Angeles, CA 90089 USA
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message